The PPP DES Encryption Protocol (DESE)
RFC 1969

Document type: RFC - Informational (June 1996; No errata)
Obsoleted by RFC 2419
Document stream: IETF
Last updated: 2013-03-02

IESG State: RFC 1969 (Informational)

Network Working Group                                         K. Sklower
Request for Comments: 1969            University of California, Berkeley
Category: Informational                                         G. Meyer
                                                          Spider Systems
                                                               June 1996

                 The PPP DES Encryption Protocol (DESE)

Status of This Memo

   This memo provides information for the Internet community.  This memo
   does not specify an Internet standard of any kind.  Distribution of
   this memo is unlimited.

Abstract

   The Point-to-Point Protocol (PPP) [1] provides a standard method for
   transporting multi-protocol datagrams over point-to-point links.

   The PPP Encryption Control Protocol (ECP) [2] provides a method to
   negotiate and utilize encryption protocols over PPP encapsulated
   links.

   This document provides specific details for the use of the DES
   standard [5, 6] for encrypting PPP encapsulated packets.

Acknowledgements

   The authors extend hearty thanks to Fred Baker of Cisco for helpful
   improvements to the clarity of the document.

Table of Contents

   1. Introduction ................................................    2
   1.1. Motivation ................................................    2
   1.2. Conventions ...............................................    2
   2. General Overview ............................................    2
   3. Structure of This Specification .............................    3
   4. DESE Configuration Option for ECP ...........................    4
   5. Packet Format for DESE ......................................    5
   6. Encryption ..................................................    6
   6.1. Padding Considerations ....................................    6
   6.2. Generation of the Ciphertext ..............................    7
   6.3. Retrieval of the Plaintext ................................    8
   6.4. Recovery after Packet Loss ................................    8
   7. MRU Considerations ..........................................    8
   8. Security Considerations .....................................    9

Sklower & Meyer              Informational                      [Page 1]
RFC 1969                  PPP DES Encryption                   June 1996

   9. References ..................................................    9
   10. Authors' Addresses .........................................   10
   11. Expiration Date of this Draft ..............................   10

1.  Introduction

1.1.  Motivation

   The purpose of this memo is two-fold: to show how one specifies the
   necessary details of a "data" or "bearer" protocol given the context
   of the generic PPP Encryption Control Protocol, and also to provide
   at least one commonly-understood means of secure data transmission
   between PPP implementations.

   The DES encryption algorithm is a well studied, understood and widely
   implemented encryption algorithm.  The DES cipher was designed for
   efficient implementation in hardware, and consequently may be
   relatively expensive to implement in software.  However, its
   pervasiveness makes it seem like a reasonable choice for a "model"
   encryption protocol.

   Source code implementing DES in the "Electronic Code Book Mode" can
   be found in [7].  US export laws forbid the inclusion of
   compilation-ready source code in this document.

1.2.  Conventions

   The following language conventions are used in the items of
   specification in this document:

   o    MUST, SHALL or MANDATORY -- the item is an absolute requirement
        of the specification.

   o    SHOULD or RECOMMENDED -- the item should generally be followed
        for all but exceptional circumstances.

   o    MAY or OPTIONAL -- the item is truly optional and may be
        followed or ignored according to the needs of the implementor.

2.  General Overview

   The purpose of encrypting packets exchanged between two PPP
   implementations is to attempt to ensure the privacy of communication
   conducted via the two implementations.  The encryption process
   depends on the specification of an encryption algorithm and a shared
   secret (usually involving at least a key) between the sender and
   receiver.

   Generally, the encryptor will take a PPP packet including the
   protocol field, apply the chosen encryption algorithm, place the
   resulting cipher text (and in this specification, an explicit